{ads}

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Written By Saturday, 20 June 2026 Add Comment



June 20, 2026 at 03:26PM

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens

from The Hacker News https://ift.tt/fbKDGCq

0 Response to "Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads